name: Renovate Dependency Updates on: schedule: # Run Renovate every Monday at 8 AM UTC - cron: '0 8 * * 1' workflow_dispatch: # Allow manual triggering inputs: dry_run: description: 'Run in dry-run mode (no changes made)' required: false default: 'false' type: boolean jobs: renovate: name: Renovate Dependencies runs-on: ubuntu-act steps: - name: Checkout repository env: SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} run: | echo "=== Repository Checkout for Renovate ===" # Set up SSH key securely if [ -n "${SSH_PRIVATE_KEY}" ]; then mkdir -p ~/.ssh echo "${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa ssh-keyscan -p 2222 dogar.darkhelm.org >> ~/.ssh/known_hosts 2>/dev/null fi # Clone repository GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=no" \ git clone --depth 1 \ ssh://git@dogar.darkhelm.org:2222/DarkHelm.org/plex-playlist.git . # Clean up SSH key rm -f ~/.ssh/id_rsa echo "✓ Repository checked out for Renovate processing" - name: Setup Node.js for Renovate run: | echo "=== Setting up Node.js 24 for Renovate ===" # Check existing Node.js if command -v node &> /dev/null; then echo "Current Node.js version: $(node --version)" fi if command -v npm &> /dev/null; then echo "Current npm version: $(npm --version)" fi # Aggressive cleanup of all Node.js/npm installations echo "Performing complete Node.js cleanup..." # Stop any Node.js processes sudo pkill -f node || true # Remove all package-managed Node.js installations sudo apt-get remove -y --purge nodejs npm node || true sudo apt-get autoremove -y --purge || true # Remove all manual installations and caches sudo rm -rf /usr/local/bin/node* /usr/local/bin/npm* || true sudo rm -rf /usr/local/lib/node* /usr/local/include/node* || true sudo rm -rf ~/.npm ~/.nvm ~/.node* || true sudo rm -rf /root/.npm /root/.nvm /root/.node* || true sudo rm -rf /usr/share/nodejs || true sudo rm -rf /etc/apt/sources.list.d/nodesource.list* || true # Clear npm environment variables that might conflict unset npm_config_prefix npm_config_cache npm_config_globalconfig npm_config_init_module || true echo "✓ Cleanup completed" # Install Node.js 24 from NodeSource with error handling echo "Installing Node.js 24..." # Remove any existing NodeSource repository sudo rm -f /etc/apt/sources.list.d/nodesource.list || true # Add NodeSource repository curl -fsSL https://deb.nodesource.com/setup_24.x | sudo -E bash - # Install with DEBIAN_FRONTEND to avoid interactive prompts echo "Installing Node.js package..." sudo DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs # Verify and fix installation echo "=== Verifying Node.js Installation ===" # Check Node.js if command -v node &> /dev/null; then NODE_VERSION=$(node --version) echo "✓ Node.js installed: $NODE_VERSION" else echo "❌ Node.js installation failed" exit 1 fi # Check npm and fix if needed if command -v npm &> /dev/null && npm --version &> /dev/null; then NPM_VERSION=$(npm --version) echo "✓ npm working: $NPM_VERSION" else echo "⚠️ npm not working properly, reinstalling..." # Method 1: Try to fix npm with the bundled version if [ -f "/usr/bin/node" ] && [ -f "/usr/lib/node_modules/npm/bin/npm-cli.js" ]; then echo "Using bundled npm..." sudo ln -sf /usr/lib/node_modules/npm/bin/npm-cli.js /usr/bin/npm || true sudo chmod +x /usr/bin/npm || true fi # Method 2: If that doesn't work, reinstall npm manually if ! npm --version &> /dev/null; then echo "Manual npm installation..." curl -L https://www.npmjs.com/install.sh | sudo sh fi # Method 3: Last resort - use npx to bootstrap npm if ! npm --version &> /dev/null; then echo "Using node to run npm directly..." # Create npm wrapper script echo '#!/bin/bash' | sudo tee /usr/bin/npm > /dev/null echo 'exec /usr/bin/node /usr/lib/node_modules/npm/bin/npm-cli.js "$@"' | sudo tee -a /usr/bin/npm > /dev/null sudo chmod +x /usr/bin/npm fi # Final verification if npm --version &> /dev/null; then echo "✓ npm recovered successfully: $(npm --version)" else echo "❌ npm recovery failed" exit 1 fi fi # Test npm basic functionality echo "Testing npm functionality..." if npm config get registry &> /dev/null; then echo "✓ npm configuration accessible" else echo "⚠️ npm configuration issues, but continuing..." fi # Check version compatibility for Renovate NODE_VERSION=$(node --version | cut -d'v' -f2) echo "=== Version Compatibility Check ===" echo "Node.js version: $NODE_VERSION" if [[ $(echo "$NODE_VERSION 24.10.0" | awk '{print ($1 >= $2)}') == 1 ]]; then echo "✅ Node.js version $NODE_VERSION meets Renovate latest requirements" echo "RENOVATE_VERSION=latest" >> $GITHUB_ENV else echo "⚠️ Node.js version $NODE_VERSION - will use compatible Renovate version" echo "RENOVATE_VERSION=40.3.2" >> $GITHUB_ENV fi - name: Install Renovate run: | echo "=== Installing Renovate ===" # Set npm configuration for better reliability npm config set fund false npm config set audit false npm config set progress false # Use the version determined in previous step echo "Installing Renovate version: $RENOVATE_VERSION" # Install with retry logic and better error handling for i in 1 2 3; do echo "Renovate installation attempt $i/3..." # Clear npm cache to avoid issues npm cache clean --force || true # Install Renovate with timeout and error handling if timeout 300 npm install -g "renovate@$RENOVATE_VERSION" --no-audit --no-fund; then echo "✓ Renovate installation successful on attempt $i" break else echo "⚠️ Renovate installation attempt $i failed" if [ $i -eq 3 ]; then echo "❌ All Renovate installation attempts failed" echo "Checking npm and Node.js status for debugging..." echo "Node.js version: $(node --version)" echo "npm version: $(npm --version)" echo "npm config: $(npm config list || echo 'npm config failed')" exit 1 fi echo "Waiting 15 seconds before retry..." sleep 15 fi done # Verify Renovate installation echo "✓ Renovate version: $(renovate --version)" echo "✓ Renovate location: $(which renovate)" - name: Configure Renovate for Gitea env: RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} run: | echo "=== Configuring Renovate for Gitea ===" # Create Renovate configuration file cat > renovate-config.js << 'EOF' module.exports = { platform: 'gitea', endpoint: 'https://dogar.darkhelm.org/api/v1', token: process.env.RENOVATE_TOKEN, gitAuthor: 'Renovate Bot ', repositories: ['DarkHelm.org/plex-playlist'], onboarding: false, requireConfig: 'required', // Use existing renovate.json configuration extends: ['local>DarkHelm.org/plex-playlist'], // CI-specific settings prConcurrentLimit: 3, branchConcurrentLimit: 5, // Logging logLevel: 'info', logFile: '/tmp/renovate.log', // Dry run mode for testing dryRun: process.env.RENOVATE_DRY_RUN === 'true' }; EOF echo "✓ Renovate configuration created" - name: Run Renovate env: RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} RENOVATE_DRY_RUN: ${{ inputs.dry_run }} LOG_LEVEL: info run: | echo "=== Running Renovate Bot ===" # Verify token is available if [ -z "${RENOVATE_TOKEN}" ]; then echo "❌ RENOVATE_TOKEN secret not configured" echo "Please add a Gitea API token to repository secrets" exit 1 fi # Run Renovate with configuration if [ "${RENOVATE_DRY_RUN}" = "true" ]; then echo "🔍 Running in DRY-RUN mode (no changes will be made)" fi renovate --config-file=renovate-config.js DarkHelm.org/plex-playlist echo "✓ Renovate execution completed" - name: Upload Renovate logs if: always() run: | if [ -f "/tmp/renovate.log" ]; then echo "=== Renovate Log Output ===" echo "Last 50 lines of Renovate log:" tail -50 /tmp/renovate.log # Save log as artifact (if GitHub Actions artifact support exists) mkdir -p /tmp/artifacts cp /tmp/renovate.log /tmp/artifacts/renovate-$(date +%Y%m%d-%H%M%S).log else echo "No Renovate log file found" fi - name: Report Results if: always() run: | echo "=== Renovate Execution Summary ===" echo "Repository: DarkHelm.org/plex-playlist" echo "Execution time: $(date)" echo "Dry run mode: ${RENOVATE_DRY_RUN:-false}" echo "" echo "Check the Dependency Dashboard issue in your repository for detailed results:" echo "https://dogar.darkhelm.org/DarkHelm.org/plex-playlist/issues" echo "" echo "Next scheduled run: Next Monday at 8 AM UTC"